Wednesday, August 06, 2008

Hacking fear may dull Olympic crowds

EETimes report that a cheap electronic replica of the Olympic torch is the centre of controversy.

Originally commissioned by the Beijing Games organisers, the gadgets were to be sold at all Olympic venues. A capacity crowd at any of them waving the torches would be an impressive sight - when the torches are waved, movement sensors coordinate flashing LEDs to spell out "Hello" in English or "China" in Chinese. A phone with a similar feature launched in 2004.

But according to EETimes' sources, Chinese officials are concerned the devices could be hacked to display an unapproved message. Perhaps they are imagining a compromised batch lighting up the centrepiece stadium with the message "Free Tibet". Nokia launched a phone with a similar feature back in 2004.

Memsic, the company that makes the torches, has not confirmed or denied those allegations. But it did announce that the contract to supply the torches was cancelled, "due in part to the recent earthquake in China".

EETimes seems convinced there is something political going on, and wonder what will happen to the $2m worth of completed torch components that were shipped to China early this year.

Whether or not they're right, it would certainly be possible to hack a device like the torch. It's an example of the kind of security vulnerability that often goes ignored. As hackable displays and other devices penetrate everywhere, new avenues for protest are appearing.

Friday, May 30, 2008

Build your own multitouch pad

Haven't got $10,000 to buy a Microsoft Surface? The video below shows you how to build your own from an old cardboard box.

I like the kindergarten-style construction here - it's all sticky back plastic and pieces of paper. And it shows just how low-tech multitouch hardware really is. Presumably the finger-tracking software is a little more complicated.

The only way any of these devices will succeed is if they can be useful and easy to use though, which is where LucidTouch might win out. I think that using your fingers on the rear of a handheld gadget is far more intuitive than poking at a tiny screen with finger and thumb, like on an iPhone.

Tuesday, May 20, 2008

Hacker brings multitouch to Apple's desktop

Here's a video that's been doing the rounds on the web recently. Lux is an open-source framework developed by Christian Moore that brings full multitouch interaction to Apple's OSX operating system.

But how useful is this sort of interface really going to be? I can't remember ever being particularly vexed that my computer was incapable of making nice swirly patterns, similar to those that open this video. Certainly resizing photos by stretching them with your hands is excellent, but vertical typing might also become something of a drag.

I notice that the magic of a multitouch virtual keyboard - see 3:35 in the clip - is somewhat redundant when you are poking the keys with just your index fingers.

Thursday, March 13, 2008

Tripping over in the iPhone goldrush

UPDATED Thursday 1500: The BBC now says it has issued a fix for the iPlayer hack mentioned below, but the post still stands as a cautionary tale...

----------

Such is the desperation of the BBC to grab a pinch of Apple fairy dust that the corporation has hurriedly released a version of its TV-streaming iPlayer that gives away its programmes without copy protection.

Anyone using the service on a computer cannot usually view content after 30 days thanks to DRM in the files. But the version for the iPhone provides files without such protection - and a few small tweaks to a web browser let anyone access it.

The simple hack involves cunningly telling BBC's iPlayer server that your computer is actually an iPhone. It seems likely that, because iPhones can't store streamed videos, the Beeb was a bit complacent in not building in the 30-day time limit embedded in Windows iPlayer content. Or perhaps the programmers just forgot.

Anyone frustrated by the lack of iPlayer downloads for Mac or Linux platforms can, now create a DIY version without built-in time limits. At least until the BBC gets wise to the problem and builds in some protection.

It all goes to show that the aura that surrounds Apple's gadgets is something people are desperate to grab a piece of, perhaps too much so.

The fact - much trumpeted by Apple - that over 100,000 people downloaded the new iPhone developer kit in just 4 days after its release puts a figure on that desperation. All those individuals and companies thinking they can strike it rich in Apple's technological gold mine.

Shallow, maybe. But the iPhone is not just successful because of hype. Its new take on the cellphone has left other manufacturers racing to catch up.

Wednesday, March 12, 2008

Death by radio waves: hacking a pacemaker

Researchers in the US have developed a way to kill people with radio waves - but this is no secret Pentagon project.

They're computer scientists demonstrating that pacemakers and other implants can be hacked. Their latest demonstration showed that using radio signals they could shut down a pacemaker made by US firm Medtronic, or have it deliver jolts of electricity that could be fatal.

Those tests involved a pacemaker in a lab, not implanted in a person and required the transmitter being 2 inches from the Maximo model they attacked. The team from the Washington and Massachusetts Universities pulled off the trick by exploiting a radio transmitter in the device used by doctors to monitor a patient or change the pacemaker's settings without surgery.

The researchers were keen to stress that people shouldn't be scared of pacemakers. "If I needed a defibrillator, I'd ask for one with wireless technology," one told the NYT.

They're trying to raise awareness of what they think is a valid security issue. And it's one likely to get more important.

However distant those technologies are, maintaining their security is crucial. The Washington and Massachusetts teams have shared their results with the US Federal Drug Administration, who could impose security standards on future devices.

They've shown that a computer's RAM - short term memory - can give it away.

RAM needs power to hold data; but the researchers have found that information can persist for up to minutes after the power is cut. That's long enough to extract the key needed to unscramble the encrypted disk, which is always kept in a computer's RAM.

An accessible video (below or here) explains the team's findings in more detail. And you can read more at a website set up to explain the work.

The RAM in most computers can hold information for a few seconds to a minute after power down. But cooling the RAM chip can extend that to up to ten minutes. Another video shows how an image held in RAM slowly degrades after the power is turned off.

The attack works on any laptop powered up, or in sleep/hibernate mode. Some machines using Microsoft Vista's BitLocker disk encryption are even vulnerable when switched off completely. Apple's FileVault and popular disk encyption software TrueCrypt suffer the same problem.

Since lots of sensitive data is carried around on entirely un-encrypted formats you could argue this is of little consequence. Properly safeguarding such data is more of a policy than a technical problem. Nevertheless, it will be interesting to see how long before this new attack appears 'in the wild', if at all.

Tuesday, January 15, 2008

Computer security with Quake-based 'cyberspace'

In the 1984 sci-fi novel Neuromancer, William Gibson portrays future computer criminals hacking into corporate networks by navigating through a three-dimensional virtual world, which he rather catchily dubbed "cyberspace".

This term has since become a metaphor for the internet, of course. But now researchers from the Swinburne University of Technology in Australia and US networking company CISCO have developed something that more closely resembles Gibson's original vision, using the Quake III Arena 3D game engine to represent activity on a computer network, including attempts to break in.

As the video below shows, their software – L3DGEWorld 2.2 engine – can represent the nodes on a network as objects with a life of their own, in this case small pyramids that alter colour, shape, movement, and orientation to show different types of behaviour.

Users can walk around between nodes and also interact by shooting them with a laser weapon. Other administrators are seen as their avatars. The next clip shows someone scanning computers on a network for open communication ports using a program called nmap.

It's a kooky idea, but there's a serious point. As this final video highlights, it offers a quick and visually simple way to keep track of many different machines simultaneously. Here it is being used to monitor the Swinburne Supercomputer cluster, which contains 1160 processors and 145 individual nodes. Read more about this project here.

Monday, November 12, 2007

Little brother is watching you

A Dutch man has set up his own surveillance network, in the town of Apeldoorn, and put the results online for all to see. I wonder how many people that live there know this?

His network records the discoverable Bluetooth devices passing by at five sites in the town. He installed USB Bluetooth sticks in the homes of family and friends, and publishes the logs of devices they detect online. Since 19 September, the network has detected 26,574 unique devices.

You can look at the logs of individual phones that were detected. For example this device named Tommy. If a device was detected near more than one of the stations in a short time, you can get a sense of where they were going. It would be interesting to see the data displayed on a map – although there is currently no indication of where the stations are.

It doesn't seem he could get a lot of personal data this way. But think about how someone might feel if they knew what was going on. One person even used an email address as their Bluetooth ID – what would they think if they got a message detailing their recent movements about town?

Friday, October 26, 2007

Game hardware hacks

It featured some pretty bonkers homemade games, including a funny Pong controller – made from a modified pair of leather boots and a riding crop – created by the inimitable James Larsson, a regular at London Dorkbot events.

The most conventional presentation was given by Matthew Garrett, who came along to demonstrate the gaming potential of the OLPC, or the $100(-ish) Laptop. Unfortunately Matthew's laptop malfunctioned during his presentation, so we didn't get to see all that much.Apparently, he's also only developed Connect 4 for the device anyway.

But the games possibilities of the device seem interesting. Since you can automatically interact with users nearby, using the laptop's Mesh Wireless system, it might open up some novel gaming opportunities. Given that the laptop has limited processing and graphics capabilities, perhaps it would be an ideal opportunity to revive some old arcade classics?

Tuesday, September 04, 2007

Did China hack into Pentagon networks?

A front page story in today's Financial Times claims that hackers from the Chinese People's Liberation Army may have infiltrated the office of US defence secretary Robert Gates in June this year by hacking a computer network used to share "non-classified" information.

The article quotes several unnamed sources at the Pentagon, one of whom says there is a "very high level of confidence… trending towards total certainty," that the PLA was behind the hack. Chinese officials have since disputed the claim blaming a "cold war mentality" for the allegations.

Is it really such an espionage coup? Surely international espionage stretches to such activities. Infiltrating computer networks, intercepting emails and snooping on Blackberry messaging must be one of the simplest intelligence-gathering techniques imaginable.

Furthermore, I would imagine that most intelligence agencies, including those in the US already indulge in similar activities themselves. Perhaps this even extends to spreading misinformation by allowing certain networks and information be compromised.

But there's probably a political reason why the story just broke. The accusations also come just a week after claims that Chinese army hackers also penetrated German government computer systems. It also can't be a coincidence that President Bush is scheduled to meet with his Chinese counterpart President Hu Jintao in just two days' time.

Even if Chinese army hackers aren't routinely breaking into other government's computer systems, I imagine it'll make for an interesting talking point.

Monday, August 13, 2007

Facebook code leaks out

Some of the source code that powers the popular social-networking site Facebook found its way onto the web over the weekend. I'm not about to cancel my account, but I do find it a bit worrying.

The source code was published on Saturday to a blog called Facebook secrets and several news sites were alerted. A spokeswoman for Facebook confirmed that the code was genuine, but stressed that it had been revealed accidentally - by a misconfigured web server - and not through a security breach.

The reason the leak is concerning is that, by studying the leaked code, a canny computer hacker might be able to figure out some critical security vulnerabilities and thus gain access to tonnes of personal information.

Having the source code is not the same as finding a vulnerability, however, so I don't think there's much cause for alarm right now. On the other hand, the story raises two important and worrying issues.

The first is that social networks place an awful lot of personal information in one location, raising the risk of identity theft - as several security experts have already warned.

The second point, which is connected to the first, is that social networking services are becoming an ever more enticing target for computer hackers. Only last week we ran a story about a computer expert cracking into MySpace accounts.

So while Facebook may be a safe place for your data right now, I think it is worth thinking carefully about just what sensitive information you keep there in future.Will Knight, New Scientist online technology editor

Friday, July 13, 2007

Many unhappy returns

This year marks the 25th birthday of the very first computer virus, Elk Cloner.

It was created by a wayward 15-year-old called Richard Skrenta who had an annoying habit of hacking computer games so that they stopped working after a set time and displayed an "amusing" message.

Skrenta's friends had naturally grown tired of this nonsense and refused to accept any more disks from him. So he came up with a way to spread his code without them realising.

Elk Cloner spread not across a network but via floppy disks, on machines running the Apple II operating system. It didn't do any damage, simply displaying the following message after a while:

Elk Cloner: The program with a personality

It will get on all your disks It will infiltrate your chips Yes it's Cloner!

It will stick to you like glue It will modify RAM too Send in the Cloner!

In a perspective article in this week's Science, Richard Ford and Gene Spafford reflect on the way viruses, and malware in general, have evolved since. Things have certainly moved on - from countless network worms and email viruses aimed gaining notoriety, to more subtle programmes designed to turn your PC into a DDoS zombie or spambot for financial gain.

Ford and Spafford see no end in sight. As long as computers (and naïve computer users) exist, there will be programmes that run amok, they say. They also note that designing a programme to identify a computer virus with absolute certainty is equivalent to the famous "halting problem" in computer science. In other words, it can't be done.

Throughout history we have seen many vulnerabilities. In the beginning lots of smoke and mayhem revolved around networking and protocol vulnerabilities. Then we took a step up. Platforms [Microsoft, Linux, Apple] were designed to operate a layer above the networks. And of course we've seen all kinds of problems with these.The most common vulnerabilities were passed along by email. Then, as with all technical things, we started to run into more problems, via the web.

Now, it doesn't matter what kind of computer one uses to access the internet. We all end up on the web. Which means that the web is the platform, or, in other words, the problem. If the web is where most people go, then that's where hackers will try to find vulnerabilities... and they've already found plenty.

It kind of makes you long for the days when Elk Cloner was the worst we had to worry about.

The Dutch hardware hackers behind the stunt basically hooked up a digital camera and a projector to a laptop, then programmed the projector to follow a laser pointer with a more powerful beam of light. It looks like lot of fun, but, as the Dutch guys point out, don't try it on a building with anyone inside it.

It reminds me of another project, from 2001, called Blinkenlights. This saw hackers from Germany's Chaos Computer Club program the lights inside a large office building to act like a giant matrix display, which they used to display images, and even to play Tetris.

Monday, June 04, 2007

Milk, lego and 3D scanning

Here's a great DIY 3D scanning hack. Using milk, a webcam and some Lego the inventor can import 3D models of objects into an animation program. I came across it in this blog post.

The Lego is used to hold a webcam so it looks down on a plastic box. The object to be scanned is placed in the box, before it is slowly filled with milk.

The camera tracks the changing outline of the object from above as it is slowly covered - the milk provides a high-contrast background. The series of outlines are layered together by software to produce a 3D model.

It's a neat idea. Although you would need multiple runs from different angles to capture something with surfaces that occlude one another from one side.

Improvements could be made too. For example, spooning in milk takes time. Others have suggested starting with a full container and slowly draining it in a reverse of the process shown here. And some people have been wondering if there are alternatives to milk that would be less messy or damaging to electronics, but would still provide a good background.

Friday, April 20, 2007

Seeing through walls

Have you considered that someone could be reading what's on your monitor from a few rooms away? It's unlikely, but possible, as work by Cambridge University computer security researcher Markus Kuhn shows.

A radio antenna and radio receiver - equipment totalling less than £1000 - is all you need. Kuhn managed to grab the image to the left through two intermediate offices and three plasterboard walls.

Back in 1985, Wim Van Eck proved it was possible to tune into the radio emissions produced by electromagentic coils in a CRT display and then reconstruct the image. The practice became known as Van Eck Phreaking, and NATO spent a fortune making its systems invulnerable to it. It was a major part of Neal Stephenson's novel Cryptonomicon.

CRTs are now well on the way to being history. But Kuhn has shown that eavesdropping is possible on flat panel displays too. It works slightly differently. With a flat panel display the aim is to tune into the radio emissions produced by the cables sending a signal to the monitor. The on-screen image is fed through the cable one pixel at a time. Because they come through in order you just have to stack them up. And Kuhn has worked out how to decode the colour of each pixel from its particular wave form.

If everything is just right, you can pick up signals from some distance. "I was able to eavesdrop certain laptops through three walls," says Kuhn. "At the CEBIT conference, in 2006, I was able to see the Powerpoint presentation from a stand 25 metres away." Here's the image he managed to get:

Kuhn also mentioned that one laptop was vulnerable because it had metal hinges that carried the signal of the display cable. I asked if you could alter a device to make it easier to spy on. "There are a lot of innocuous modifications you can make to maximise the chance of getting a good signal," he told me. For example, adding small pieces of wire or cable to a display could make a big difference.

As for defending against this kind of attack, Kuhn says using well-shielded cables, certain combinations of colours and making everything a little fuzzy all work.

Tuesday, March 20, 2007

Gadgets that time forgot

This museum of lost gadgets provides a weird perspective on many of the devices we take for granted today. It isn't entirely new, but I hadn't noticed it before and I thought some readers would like it.

The so-called Museum of Lost Interactions contains a number of modern contraptions re-invented using pre-digital technology by design students at the University of Dundee in Scotland. They've done a nice job of making each device look authentic, and have even created little promotional clips to go with them. The project reminds me a bit of the steam-poweredmachines we wrote about a while back.

The gadgets found in the museum include: the Social Communicator, a portable Blackberry-like device from 1932 that uses the latest in Morse Code technology; a 1950's answer to the iPod called the Zenith Radio Hat; and (my personal favourite) a 1970s smartphone complete with built-in cassette player and film camera. Plenty better than an iPhone if you ask me. Will Knight, online technology editor

Two more examples show industrial bots showing off their drawing skills. This video shows the drawing bot at the Robot Museum in Nagoya, Japan. If you stand in front of a white screen it will draw your outline. However, this blog post reveals what happens if your shirt happens to blend in with the background. It looks like fun to me, and more entertaining than this fairly long clip of a Kuka industrial bot doing another painting.